good way to learn the fundamentals before the skills
#11
(08-18-2018, 06:12 PM)QMark Wrote: I am just gonna finish my compTIA certs and get the handbook. That’s more practical. The book says what I need to lesrn. I just gotta apply it and learn from Andrew excel beyond it on my own.

I’m just gonna apply it to OWASP BWASP. Doing OWASP exercises with the handbook will prepare me to start bug hunting.

That’s my epic plan.

You guys agree? Learning loads of OWASP and pentesterlab will solve my problems transitioning to bug hunting right? Am I wrong? Then I can gain real world exp.

You're overthinking it buddy. Just jump in and start anywhere; I've seen quite a few posts like this from you the past few months asking "how do I get started", "what's the best plan", etc... INDECISION IS WORSE THAN A BAD DECISION.

Only trying to help  Wink
Reply
#12
(08-18-2018, 06:12 PM)QMark Wrote: I am just gonna finish my compTIA certs and get the handbook. That’s more practical. The book says what I need to lesrn. I just gotta apply it and learn from Andrew excel beyond it on my own.

I’m just gonna apply it to OWASP BWASP. Doing OWASP exercises with the handbook will prepare me to start bug hunting.

That’s my epic plan.

You guys agree? Learning loads of OWASP and pentesterlab will solve my problems transitioning to bug hunting right? Am I wrong? Then I can gain real world exp.

If you have the passion and discipline I don't see why you can start practising and trying bug hunting right now. Start doing hackmes, wargames, ctf, hackthebox challenges etc. No one is stopping you from self learning this. I'm sure a cert will look good on your resume and it's pretty good way to get a job in the industry.

But being a bug hunter is more of a self-employed type of business. No one is your boss, so technically having a cert isn't a requirement. Bugs are all the matters, find the bugs? Get the money.
Reply
#13
(08-23-2018, 11:01 PM)Insider Wrote:
(08-18-2018, 06:12 PM)QMark Wrote: I am just gonna finish my compTIA certs and get the handbook. That’s more practical. The book says what I need to lesrn. I just gotta apply it and learn from Andrew excel beyond it on my own.

I’m just gonna apply it to OWASP BWASP. Doing OWASP exercises with the handbook will prepare me to start bug hunting.

That’s my epic plan.

You guys agree? Learning loads of OWASP and pentesterlab will solve my problems transitioning to bug hunting right? Am I wrong? Then I can gain real world exp.

If you have the passion and discipline I don't see why you can start practising and trying bug hunting right now. Start doing hackmes, wargames, ctf, hackthebox challenges etc. No one is stopping you from self learning this. I'm sure a cert will look good on your resume and it's pretty good way to get a job in the industry.

But being a bug hunter is more of a self-employed type of business. No one is your boss, so technically having a cert isn't a requirement. Bugs are all the matters, find the bugs? Get the money.

True. I could just get the Web App Hackers Handbook right now and fucking start and I don’t see why the school is requiring me to have certs first which is stupid.

I am going to get the web app hackers handbook ASAP. I am gonna start WHILE I am earning my certs. I think I can do it myself since it’s just the BWAP.

Who cares what my school says about this? It’s a stupid rule.
It will give me exp in both sooner.
Reply
#14
(08-18-2018, 06:12 PM)QMark Wrote: True. I could just get the Web App Hackers Handbook right now and fucking start and I don’t see why the school is requiring me to have certs first which is stupid.

Yeah, you should do it. But do both, don't just give up on taking certs alltogether. It's a good backup to have and overall just a great experience and merit on your resumé. 

(08-18-2018, 06:12 PM)QMark Wrote: I am going to get the web app hackers handbook ASAP. I am gonna start WHILE I am earning my certs. I think I can do it myself since it’s just the BWAP.

That's the spirit! Yeah. 

(08-18-2018, 06:12 PM)QMark Wrote: Who cares what my school says about this? It’s a stupid rule.
It will give me exp in both sooner.

As long as you pursue your education and do it on your freetime, I'm sure your school has nothing to say about this. Go for it.
Reply
#15
(08-26-2018, 07:16 PM)Insider Wrote:
(08-18-2018, 06:12 PM)QMark Wrote: True. I could just get the Web App Hackers Handbook right now and fucking start and I don’t see why the school is requiring me to have certs first which is stupid.

Yeah, you should do it. But do both, don't just give up on taking certs alltogether. It's a good backup to have and overall just a great experience and merit on your resumé. 

(08-18-2018, 06:12 PM)QMark Wrote: I am going to get the web app hackers handbook ASAP. I am gonna start WHILE I am earning my certs. I think I can do it myself since it’s just the BWAP.

That's the spirit! Yeah. 

(08-18-2018, 06:12 PM)QMark Wrote: Who cares what my school says about this? It’s a stupid rule.
It will give me exp in both sooner.

As long as you pursue your education and do it on your freetime, I'm sure your school has nothing to say about this. Go for it.

Thanks. Such good advice. Will take it. Problem solved. Right now I'm intensely studying for network+ so you know...

But I AM gonna get that cert!!! YEAH!!! I made another thread about it actually about studying help.

Best,

your friendly neighborhood QMark
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  would this be a good way to start web hacking? QMark 19 7,188 04-04-2020, 06:28 AM
Last Post: QMark
  CrawlBox - Easy way to brute-force web directory. abaykan 2 6,545 06-25-2018, 04:11 PM
Last Post: Infinityex
  Possible way to bypass Apache Mod_Security? oxid 1 5,785 08-05-2017, 09:27 PM
Last Post: lunorian
  What are the required skills to be a Web Application Pentester? Freerunning 6 5,632 05-17-2016, 11:43 AM
Last Post: charge